1
22
23 package com.liferay.portlet.shopping.service.permission;
24
25 import com.liferay.portal.PortalException;
26 import com.liferay.portal.SystemException;
27 import com.liferay.portal.security.auth.PrincipalException;
28 import com.liferay.portal.security.permission.ActionKeys;
29 import com.liferay.portal.security.permission.PermissionChecker;
30 import com.liferay.portal.service.permission.PortletPermissionUtil;
31 import com.liferay.portal.util.PortletKeys;
32 import com.liferay.portlet.shopping.model.ShoppingOrder;
33 import com.liferay.portlet.shopping.service.ShoppingOrderLocalServiceUtil;
34
35
40 public class ShoppingOrderPermission {
41
42 public static void check(
43 PermissionChecker permissionChecker, long plid, long orderId,
44 String actionId)
45 throws PortalException, SystemException {
46
47 if (!contains(permissionChecker, plid, orderId, actionId)) {
48 throw new PrincipalException();
49 }
50 }
51
52 public static void check(
53 PermissionChecker permissionChecker, long plid, ShoppingOrder order,
54 String actionId)
55 throws PortalException, SystemException {
56
57 if (!contains(permissionChecker, plid, order, actionId)) {
58 throw new PrincipalException();
59 }
60 }
61
62 public static boolean contains(
63 PermissionChecker permissionChecker, long plid, long orderId,
64 String actionId)
65 throws PortalException, SystemException {
66
67 ShoppingOrder order =
68 ShoppingOrderLocalServiceUtil.getOrder(orderId);
69
70 return contains(permissionChecker, plid, order, actionId);
71 }
72
73 public static boolean contains(
74 PermissionChecker permissionChecker, long plid, ShoppingOrder order,
75 String actionId)
76 throws PortalException, SystemException {
77
78 if (PortletPermissionUtil.contains(
79 permissionChecker, plid, PortletKeys.SHOPPING,
80 ActionKeys.MANAGE_ORDERS)) {
81
82 return true;
83 }
84 else {
85 if (permissionChecker.hasOwnerPermission(
86 order.getCompanyId(), ShoppingOrder.class.getName(),
87 order.getOrderId(), order.getUserId(), actionId)) {
88
89 return true;
90 }
91
92 return permissionChecker.hasPermission(
93 order.getGroupId(), ShoppingOrder.class.getName(),
94 order.getOrderId(), actionId);
95 }
96 }
97
98 }